From 081af435cc36e2ef7eaac81b703ad26990477f34 Mon Sep 17 00:00:00 2001 From: Gregor Beck Date: Tue, 21 Jun 2011 07:51:41 +0200 Subject: [PATCH 1/5] s3:smbldap: use smbldap_state as memory context for idle event ensure the event is canceled if the smbldap_state gets freed this fixes a panic of winbindd if verify_idpool fails --- source3/lib/smbldap.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c index 7aa36ba..777aec5 100644 --- a/source3/lib/smbldap.c +++ b/source3/lib/smbldap.c @@ -1234,7 +1234,7 @@ static int smbldap_open(struct smbldap_state *ldap_state) if (ldap_state->event_context != NULL) { ldap_state->idle_event = event_add_timed( - ldap_state->event_context, NULL, + ldap_state->event_context, ldap_state, timeval_current_ofs(SMBLDAP_IDLE_TIME, 0), smbldap_idle_fn, ldap_state); } @@ -1745,7 +1745,7 @@ static void smbldap_idle_fn(struct event_context *event_ctx, DEBUG(10,("ldap connection not idle...\n")); state->idle_event = event_add_timed( - event_ctx, NULL, + event_ctx, state, timeval_add(&now, SMBLDAP_IDLE_TIME, 0), smbldap_idle_fn, private_data); -- 1.7.5.4 From 10f39eea1ddd67441978d7cd04697ca791f60bf0 Mon Sep 17 00:00:00 2001 From: Gregor Beck Date: Tue, 21 Jun 2011 08:00:59 +0200 Subject: [PATCH 2/5] s3:smbldap: free the idle event scheduled in smbldap_open in smbldap_close --- source3/lib/smbldap.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c index 777aec5..850ca24 100644 --- a/source3/lib/smbldap.c +++ b/source3/lib/smbldap.c @@ -1259,6 +1259,8 @@ static NTSTATUS smbldap_close(struct smbldap_state *ldap_state) smbldap_delete_state(ldap_state); + TALLOC_FREE(ldap_state->idle_event); + DEBUG(5,("The connection to the LDAP server was closed\n")); /* maybe free the results here --metze */ @@ -1771,7 +1773,6 @@ void smbldap_free_struct(struct smbldap_state **ldap_state) SAFE_FREE((*ldap_state)->bind_dn); SAFE_FREE((*ldap_state)->bind_secret); - TALLOC_FREE((*ldap_state)->idle_event); *ldap_state = NULL; -- 1.7.5.4 From 677e9ec180f566cdc4da10b79a5ffb14d58de80d Mon Sep 17 00:00:00 2001 From: Gregor Beck Date: Tue, 21 Jun 2011 08:02:53 +0200 Subject: [PATCH 3/5] s3:smbldap: let smbldap_free_struct do what it claims to --- source3/lib/smbldap.c | 3 +-- 1 files changed, 1 insertions(+), 2 deletions(-) diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c index 850ca24..c2ae5a9 100644 --- a/source3/lib/smbldap.c +++ b/source3/lib/smbldap.c @@ -1773,8 +1773,7 @@ void smbldap_free_struct(struct smbldap_state **ldap_state) SAFE_FREE((*ldap_state)->bind_dn); SAFE_FREE((*ldap_state)->bind_secret); - - *ldap_state = NULL; + TALLOC_FREE(*ldap_state); /* No need to free any further, as it is talloc()ed */ } -- 1.7.5.4 From 1b0fd21b7490a1202f2c721285451fe8fdb9cafe Mon Sep 17 00:00:00 2001 From: Gregor Beck Date: Tue, 21 Jun 2011 08:06:28 +0200 Subject: [PATCH 4/5] s3:smbldap: add a destructor to smbldap_state, just in case --- source3/lib/smbldap.c | 7 +++++++ 1 files changed, 7 insertions(+), 0 deletions(-) diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c index c2ae5a9..fd15eae 100644 --- a/source3/lib/smbldap.c +++ b/source3/lib/smbldap.c @@ -1778,6 +1778,12 @@ void smbldap_free_struct(struct smbldap_state **ldap_state) /* No need to free any further, as it is talloc()ed */ } +static int smbldap_state_destructor(struct smbldap_state *state) +{ + smbldap_free_struct(&state); + return 0; +} + /********************************************************************** Intitalise the 'general' ldap structures, on which ldap operations may be conducted @@ -1801,6 +1807,7 @@ NTSTATUS smbldap_init(TALLOC_CTX *mem_ctx, struct event_context *event_ctx, (*smbldap_state)->event_context = event_ctx; + talloc_set_destructor(*smbldap_state, smbldap_state_destructor); return NT_STATUS_OK; } -- 1.7.5.4 From f1978ac120dacb2cb5a1a40d3ad4818f3c021d19 Mon Sep 17 00:00:00 2001 From: Gregor Beck Date: Tue, 21 Jun 2011 08:16:56 +0200 Subject: [PATCH 5/5] s3:smbldap: make smbldap_connect_system self contained --- source3/lib/smbldap.c | 17 +++++++++++------ 1 files changed, 11 insertions(+), 6 deletions(-) diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c index fd15eae..c2ac343 100644 --- a/source3/lib/smbldap.c +++ b/source3/lib/smbldap.c @@ -1093,8 +1093,9 @@ static int rebindproc_connect (LDAP * ld, LDAP_CONST char *url, int request, /******************************************************************* connect to the ldap server under system privilege. ******************************************************************/ -static int smbldap_connect_system(struct smbldap_state *ldap_state, LDAP * ldap_struct) +static int smbldap_connect_system(struct smbldap_state *ldap_state) { + LDAP *ldap_struct = ldap_state->ldap_struct; int rc; int version; @@ -1105,7 +1106,8 @@ static int smbldap_connect_system(struct smbldap_state *ldap_state, LDAP * ldap_ /* get the default dn and password only if they are not set already */ if (!fetch_ldap_pw(&bind_dn, &bind_secret)) { DEBUG(0, ("ldap_connect_system: Failed to retrieve password from secrets.tdb\n")); - return LDAP_INVALID_CREDENTIALS; + rc = LDAP_INVALID_CREDENTIALS; + goto done; } smbldap_set_creds(ldap_state, false, bind_dn, bind_secret); SAFE_FREE(bind_dn); @@ -1151,7 +1153,7 @@ static int smbldap_connect_system(struct smbldap_state *ldap_state, LDAP * ldap_ ld_error ? ld_error : "(unknown)")); SAFE_FREE(ld_error); ldap_state->num_failures++; - return rc; + goto done; } ldap_state->num_failures = 0; @@ -1166,6 +1168,11 @@ static int smbldap_connect_system(struct smbldap_state *ldap_state, LDAP * ldap_ DEBUG(3, ("ldap_connect_system: successful connection to the LDAP server\n")); DEBUGADD(10, ("ldap_connect_system: LDAP server %s support paged results\n", ldap_state->paged_results ? "does" : "does not")); +done: + if (rc != 0) { + ldap_unbind(ldap_struct); + ldap_state->ldap_struct = NULL; + } return rc; } @@ -1220,9 +1227,7 @@ static int smbldap_open(struct smbldap_state *ldap_state) return rc; } - if ((rc = smbldap_connect_system(ldap_state, ldap_state->ldap_struct))) { - ldap_unbind(ldap_state->ldap_struct); - ldap_state->ldap_struct = NULL; + if ((rc = smbldap_connect_system(ldap_state))) { return rc; } -- 1.7.5.4